<?php
namespace apple;

class AppleIap
{
    private $returnData = [];
     /**
     * @var string 密码
     * 用户和访问->共享密钥 内设置
     * https://appstoreconnect.apple.com/access/shared-secret
     */
    private $password;
    public function setPassword($password){
        $this->password = $password;
        return $this;
    }
    public function verify($params)
    {

        $receipt = $params['transaction_receipt'];
        $identifier = $params['transaction_identifier'];
        $data = [
            'status' => -2,
            'message' => '',
            'product_id'=>'',
            'verify'=>false,
        ];
        if (strlen($receipt) < 10) {
            $data['status'] = -1;
            $data['message'] = '凭证数据长度太短，请确定数据正确！';
            return $data;
        }
        $url = isset($params['is_sandbox']) && $params['is_sandbox'] ? 'https://sandbox.itunes.apple.com/verifyReceipt' : 'https://buy.itunes.apple.com/verifyReceipt';
        $return = $this->postData($receipt, $url);

        if (!empty($return)) {
            $this->returnData = json_decode($return, true);
            $data['status'] = $this->returnData['status'];
            if ($this->returnData['status'] !== 0) {
                $data['message'] = $this->getStatusError($this->returnData['status']);
                return $data;
            }
            $in_app=$this->getLastIAP();
            $data['message'] = $in_app['transaction_id'];
            $data['product_id'] = $in_app['product_id'];
            $data['identifier_verify']=$identifier==$in_app['transaction_id'];
            return $data;
        }
        $data['message'] = '与苹果服务器通讯失败！';
        return $data;
    }

    private function getStatusError($status)
    {
        switch ((int) $status) {
            case 21000:
                $error = 'AppleStore不能读取你提供的JSON对象';
                break;
            case 21002:
                $error = 'receipt-data域的数据有问题';
                break;
            case 21003:
                $error = 'receipt无法通过验证';
                break;
            case 21004:
                $error = '提供的shared secret不匹配你账号中的shared secret';
                break;
            case 21005:
                $error = 'receipt服务器当前不可用';
                break;
            case 21006:
                $error = 'receipt合法，但是订阅已过期';
                break;
            case 21007:
                $error = 'receipt是沙盒凭证，但却发送至生产环境的验证服务';
                break;
            case 21008:
                $error = 'receipt是生产凭证，但却发送至沙盒环境的验证服务';
                break;
            default:
                $error = '未知错误';
        }
        return $error;
    }
    public function getLastIAP()
    {
        $inApps = $this->returnData['receipt']['in_app'];
        return end($inApps);
    }
    private function postData($receipt_data, $url)
    {
        $postData = ['receipt-data' => $receipt_data, 'password' => $this->password];
        $ch = curl_init($url);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
        curl_setopt($ch, CURLOPT_POST, true);
        curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($postData));
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); 
        curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
        $response = curl_exec($ch);
        $errno = curl_errno($ch);
        $errmsg = curl_error($ch);
        curl_close($ch);
        return $response;
    }
}
